๐ฎ๐ฉ
hermawan
2025-03-18 16:41:51
(1 year ago)
[Tue Mar 18 23:41:17.832992 2025] [security2:error] [pid 718849:tid 140243813971648] [client 57.141. ...
show more
[Tue Mar 18 23:41:17.832992 2025] [security2:error] [pid 718849:tid 140243813971648] [client 57.141.3.24:40304] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "Agent" at REQUEST_HEADERS:User-Agent. [file "/etc/modsecurity/coreruleset-4.10.0/rules/REQUEST-920-PROTOCOL-ENFORCEMENT.conf"] [line "187"] [id "440000"] [msg "BAD BOT - Detected and Blocked"] [data "Matched Data: Agent found within REQUEST_HEADERS:User-Agent: meta-externalagent/1.1 (+https://developers.facebook.com/docs/sharing/webmasters/crawler) request_line = GET /index.php/prakiraan-iklim/prakiraan-musim/prakiraan-musim-kemarau/prakiraan-sifat-hujan-musim-kemarau HTTP/2.0"] [severity "NOTICE"] [hostname "staklim-jatim.bmkg.go.id"] [uri "/index.php/prakiraan-iklim/prakiraan-musim/prakiraan-musim-kemarau/prakiraan-sifat-hujan-musim-kemarau"] [unique_id "Z9miLWXvrYMbL3IcGQ0h2AAAmAA"] [staklim-jatim.bmkg.go.id] [staklim-jatim.bmkg.go.id] top=[718850] [NdHkksgI1Bk] [Z9miLWXvrYMbL3IcGQ0h2AAAmAA] keep_alive=[1]
...
show less
Hacking
Web App Attack
Anonymous
2025-03-14 21:47:50
(1 year ago)
Excessive crawling/scraping
Hacking
Brute-Force
๐บ๐ธ
MPL
2025-03-13 05:54:06
(1 year ago)
tcp/443 (4 or more attempts)
Port Scan
๐บ๐ธ
MPL
2025-03-13 05:54:06
(1 year ago)
tcp/443 (4 or more attempts)
Port Scan
๐บ๐ธ
mnsf
2025-03-13 05:05:17
(1 year ago)
Too many Status 40X (14)
Brute-Force
Web App Attack
๐ฎ๐ฉ
hermawan
2025-03-12 20:14:28
(1 year ago)
[Thu Mar 13 03:01:14.285865 2025] [security2:error] [pid 11116:tid 140529830454976] [client 57.141.3 ...
show more
[Thu Mar 13 03:01:14.285865 2025] [security2:error] [pid 11116:tid 140529830454976] [client 57.141.3.24:37564] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "Agent" at REQUEST_HEADERS:User-Agent. [file "/etc/modsecurity/coreruleset-4.10.0/rules/REQUEST-920-PROTOCOL-ENFORCEMENT.conf"] [line "187"] [id "440000"] [msg "BAD BOT - Detected and Blocked"] [data "Matched Data: Agent found within REQUEST_HEADERS:User-Agent: meta-externalagent/1.1 (+https://developers.facebook.com/docs/sharing/webmasters/crawler) request_line = GET /index.php/analisis-hari-tanpa-hujan-berturut-turut/127-analisis-hari-tanpa-hujan-berturut-turut-tahun-2016 HTTP/2.0"] [severity "NOTICE"] [hostname "staklim-jatim.bmkg.go.id"] [uri "/index.php/analisis-hari-tanpa-hujan-berturut-turut/127-analisis-hari-tanpa-hujan-berturut-turut-tahun-2016"] [unique_id "Z9HoCrmR_sJFG4V9MNVSFgABLgg"] [staklim-jatim.bmkg.go.id] [staklim-jatim.bmkg.go.id] top=[11125] [SPjjqkJlxhw] [Z9HoCrmR_sJFG4V9MNVSFgABLgg] keep_a
...
show less
Hacking
Web App Attack
๐ฎ๐ฉ
hermawan
2025-03-11 02:21:37
(1 year ago)
[Tue Mar 11 09:15:20.740159 2025] [security2:error] [pid 103355:tid 139783871309504] [client 57.141. ...
show more
[Tue Mar 11 09:15:20.740159 2025] [security2:error] [pid 103355:tid 139783871309504] [client 57.141.3.24:59848] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "Agent" at REQUEST_HEADERS:User-Agent. [file "/etc/modsecurity/coreruleset-4.10.0/rules/REQUEST-920-PROTOCOL-ENFORCEMENT.conf"] [line "187"] [id "440000"] [msg "BAD BOT - Detected and Blocked"] [data "Matched Data: Agent found within REQUEST_HEADERS:User-Agent: meta-externalagent/1.1 (+https://developers.facebook.com/docs/sharing/webmasters/crawler) request_line = GET /index.php/profil/meteorologi/list-of-all-tags/monitoring-hari-tanpa-hujan-berturut-turut-propinsi-jawa-timur HTTP/2.0"] [severity "NOTICE"] [hostname "staklim-jatim.bmkg.go.id"] [uri "/index.php/profil/meteorologi/list-of-all-tags/monitoring-hari-tanpa-hujan-berturut-turut-propinsi-jawa-timur"] [unique_id "Z8-cuPt1e-CTCiyQp0_5zgAApBw"] [staklim-jatim.bmkg.go.id] [staklim-jatim.bmkg.go.id] top=[103384] [ccUeqW9no3s] [Z8-cuPt1e-CTCiyQp0_5zgAApBw]
...
show less
Hacking
Web App Attack
๐ฎ๐ฉ
hermawan
2025-03-10 17:50:14
(1 year ago)
[Tue Mar 11 00:49:28.982281 2025] [security2:error] [pid 51351:tid 140211845469888] [client 57.141.3 ...
show more
[Tue Mar 11 00:49:28.982281 2025] [security2:error] [pid 51351:tid 140211845469888] [client 57.141.3.24:58004] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "Agent" at REQUEST_HEADERS:User-Agent. [file "/etc/modsecurity/coreruleset-4.10.0/rules/REQUEST-920-PROTOCOL-ENFORCEMENT.conf"] [line "187"] [id "440000"] [msg "BAD BOT - Detected and Blocked"] [data "Matched Data: Agent found within REQUEST_HEADERS:User-Agent: meta-externalagent/1.1 (+https://developers.facebook.com/docs/sharing/webmasters/crawler) request_line = GET /index.php/profil/meteorologi/list-of-all-tags/prakiraan-awal-musim-kemarau-propinsi-jawa-timur-tahun-2016?format=feed&type=atom HTTP/2.0"] [severity "NOTICE"] [hostname "staklim-jatim.bmkg.go.id"] [uri "/index.php/profil/meteorologi/list-of-all-tags/prakiraan-awal-musim-kemarau-propinsi-jawa-timur-tahun-2016"] [unique_id "Z88mKDm-zByTQ4aMEG7negAB7SU"] [staklim-jatim.bmkg.go.id] [staklim-jatim.bmkg.go.id] top=[51389] [nvQDmIgB5yI] [Z88mKDm-zByTQ4a
...
show less
Hacking
Web App Attack
Anonymous
2025-03-08 13:37:27
(1 year ago)
Excessive crawling/scraping
Hacking
Brute-Force
๐ฎ๐ฉ
hermawan
2025-03-06 13:34:19
(1 year ago)
[Thu Mar 06 20:28:30.608736 2025] [security2:error] [pid 578923:tid 140589878204096] [client 57.141. ...
show more
[Thu Mar 06 20:28:30.608736 2025] [security2:error] [pid 578923:tid 140589878204096] [client 57.141.3.24:52662] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "Agent" at REQUEST_HEADERS:User-Agent. [file "/etc/modsecurity/coreruleset-4.10.0/rules/REQUEST-920-PROTOCOL-ENFORCEMENT.conf"] [line "187"] [id "440000"] [msg "BAD BOT - Detected and Blocked"] [data "Matched Data: Agent found within REQUEST_HEADERS:User-Agent: meta-externalagent/1.1 (+https://developers.facebook.com/docs/sharing/webmasters/crawler) request_line = GET /index.php/prakiraan-bulanan/3874-prakiraan-sifat-hujan-bulanan/prakiraan-sifat-hujan-bulanan-di-propinsi-jawa-timur/prakiraan-sifat-hujan-bulanan-di-propinsi-jawa-timur-tahun-2018/555556718-prakiraan-sifat-hujan-bulan-november-tahun-2018-di-provinsi-jawa-timur-update-dari-analisis-bulan-agustus-2018 HTTP/2.0"] [severity "NOTICE"] [hostname "staklim-jatim.bmkg.go.id"] [uri "/index.php/prakiraan-bulanan/3874-prakiraan-sifat-hujan-bulanan/prakiraan
...
show less
Hacking
Web App Attack
๐บ๐ธ
mnsf
2025-03-04 00:05:13
(1 year ago)
Too many Status 40X (14)
Request Overload (255)
Brute-Force
Web App Attack
๐ป๐ณ
Xuan Can
2025-03-02 13:38:28
(1 year ago)
(mod_security) mod_security (id:20000222) triggered by 57.141.3.24 (US/United States/-): 1 in the la ...
show more
(mod_security) mod_security (id:20000222) triggered by 57.141.3.24 (US/United States/-): 1 in the last 3600 secs; Ports: 80,443; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Mar 02 20:38:21.620030 2025] [security2:error] [pid 37907:tid 37914] [remote 57.141.3.24:50762] [client 57.141.3.24] ModSecurity: Access denied with connection close (phase 2). Pattern match "wp-admin" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec/modsec2.user.conf"] [line "46"] [id "20000222"] [severity "CRITICAL"] [hostname "kb.pavietnam.vn"] [uri "/huong-dan-thay-doi-duong-dan-dang-nhap-wp-admin-bang-plugin-wps-hide-login-tren-wordpress.html"] [unique_id "Z8RfTQf6qv8hMwlYGNIRLgAAkAY"]
show less
Brute-Force
SSH
๐ป๐ณ
Xuan Can
2025-03-02 00:10:57
(1 year ago)
(mod_security) mod_security (id:1010111) triggered by 57.141.3.24 (US/United States/-): 1 in the las ...
show more
(mod_security) mod_security (id:1010111) triggered by 57.141.3.24 (US/United States/-): 1 in the last 3600 secs; Ports: 80,443; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Mar 02 07:10:53.538613 2025] [security2:error] [pid 20293:tid 20329] [client 57.141.3.24:0] [client 57.141.3.24] ModSecurity: Access denied with code 500 (phase 2). Pattern match "=shell" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec/modsec2.user.conf"] [line "25"] [id "1010111"] [severity "CRITICAL"] [hostname "www.diendanmaychu.vn"] [uri "/tags.php"] [unique_id "Z8OiDTszd_qiozut4zu2rAAAAMk"]
show less
Brute-Force
SSH
Anonymous
2025-03-01 18:39:02
(1 year ago)
Malicious activity detected
Hacking
Web App Attack
Anonymous
2025-03-01 15:18:47
(1 year ago)
Excessive crawling/scraping
Hacking
Brute-Force